← volver
CVE-2006-1990

CVE-2006-1990

EPSS 10.4%
Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different vulnerability than CVE-2002-1396.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
ftp://patches.sgi.com/support/free/security/advisories/20060701-01-Uhttp://docs.info.apple.com/article.html?artnum=304829http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.htmlhttp://rhn.redhat.com/errata/RHSA-2006-0549.htmlhttp://secunia.com/advisories/19803http://secunia.com/advisories/20052http://secunia.com/advisories/20222http://secunia.com/advisories/20269http://secunia.com/advisories/20676http://secunia.com/advisories/21031http://secunia.com/advisories/21050http://secunia.com/advisories/21125